1

Hey there I have this snippet and I am having trouble deducing the correct syntax for it. It is helping me search my DB and I cannot seem to get it. Any help is appreciated. Thanks!

Here is the snippet its a PHP portion searching m y MySQL DB

$query = mysql_query("SELECT e.event_name, v.venue_name FROM tie_in.events e LEFT JOIN tie_in.venues v ON v.venue_id = e.venue_id WHERE e.event_name = '%.$uniqueId.%' OR v.venue_name = '%.$uniqueId.%' ORDER BY e.event_time");

There area that I am having trouble with is the wrapping of the $uniqueId handler. How would I wrap this properly with parentheses etc to have the proper syntax to complete the function?

Thanks!

velvetpuma
  • 103
  • 5
  • 15

2 Answers2

2

Pattern matches with % wildcards need to use LIKE, not =.

You can interpolate PHP variables inside strings by enclosing them in curly braces.

... WHERE e.event_name LIKE '%{$uniqueId}%' OR v.venue_name LIKE '%{$uniqueId}%' ...

Be careful that $uniqueId is a safe variable to use in SQL. You don't want to introduce SQL injection vulnerabilities.

Also, for what it's worth, the mysql_* functions are deprecated, and will be removed from PHP in some future version. So I recommend you use PDO instead, unless you have to use mysql_* because you have a lot of legacy code.

Community
  • 1
  • 1
Bill Karwin
  • 538,548
  • 86
  • 673
  • 828
0

Either remove the % since wildcards are not supported when you use =

$query = mysql_query("SELECT e.event_name, v.venue_name FROM tie_in.events e LEFT JOIN tie_in.venues v ON v.venue_id = e.venue_id WHERE e.event_name = '$uniqueId' OR v.venue_name = '$uniqueId' ORDER BY e.event_time");

Or use LIKE instead of =

$query = mysql_query("SELECT e.event_name, v.venue_name FROM tie_in.events e LEFT JOIN tie_in.venues v ON v.venue_id = e.venue_id WHERE e.event_name LIKE '%".$uniqueId."%' OR v.venue_name = '%".$uniqueId."%' ORDER BY e.event_time");
Erlesand
  • 1,525
  • 12
  • 16